DIGITAL ARMAGEDDON INEVITABLE
Keep your paper handy. As the world of digital communications continues to grow, so grows the interest and technical skills to invade this world and corrupt its core assets: Money and Information.
The incentives range from financial rewards to political advantage to personal satisfaction. Sponsors include nation states, organized crime, misguided, yet determined networks of techno-geeks, to mention a few. These groups operate like businesses with stated objectives and measurable goals. All their efforts are pernicious, designed to harm their targets in ways that are difficult if not impossible to overcome.
Sooner, rather than later, the world will suffer a Digital Armageddon the likes of which have never been seen.
This can be verified to a near mathematical certainty.
Ergo, do the math.
>Geographic Scope – Global
>Test Time Frame – Annual Quarter
>Test Overall Time Frame – One Year; 4 Quarters.
>Results are Additive
4 Key Metric Elements
- Frequency – Number of Breaches during Quarter
- Scope – Number of Accounts Breached
- Intensity – Number of Simultaneous/Coordinated Breaches
- Difficulty – Numeric Value tied to the Difficulty of the Breach. Used as a multiplier of the total of the other three metrics
Armageddon – In simple terms, Armageddon is a mathematical value not just a specific date in time when everything goes to Hell. All key metric elements can be measured and recorded. Armageddon can be assigned an extreme mathematical value. A trend line, chronologic from quarter to quarter and reflecting the cumulative values of the key metric elements for each quarter of the last calendar year, can signal the intensity and direction of breaches, i.e., they can “Forecast” the moment when these cumulative values will match the mathematical value of Armageddon.
- Frequency – Number of Breaches
cumulative values of the key metric
The evidence has been building for years. Hackers have broken into non-public, customer files at banks, mass retailers, investment houses, medical practitioners, power grids, credit card files, airline servers, presidential campaigns, and the list just keeps expanding; moreover, the breaches are occurring at increasing rates. They’ve been targeting countries, selectively taking out their power grids. Political campaigns in democratic countries have been targeted along with high profile public agencies including the IRS, White House, the Joint Chiefs of Staff and the US Office of Personnel Management. Among the list of data stolen are Social Security Numbers, finger prints and eMails. Now imagine cyber thieves sending 10 million bogus emails all at once to personnel in hospitals, corporations and public agencies; each email falsely claiming their account is past-due and offering live links to data that explains their problem. Only a few victims (suckers) are needed to give cyber criminals direct access to core software that runs the victims enterprise. Using this particular strategy as an example, a hospital can have its files accessed and frozen, literally bringing it to its knees and putting lives at risk. Oftentimes, a ransom is asked. Paying the ransom is a quick and popular way to remedy the problem; however, the payer never knows the true identity of the payee. Is it a solitary, misguided 400 lb. nerd on his couch at home or a nefarious terrorist organization seeking financing?
COST. MORE COST.
Phishing attacks on financial organizations have become so sophisticated they are mandating an extra level of “authentication” from the affected businesses. This translates into more time. More labor. And a significant increase in cost. Faux financial documents in the form of LOI’s, LOA’s, Loan Papers, etc., bearing electronic signatures appear so authentic they can easily be mistaken for original documents. To be safe, two party transactions have to be followed up with a phone call to “verify” the “other” party to the transaction is the true party. Electronic funds transfers are followed up immediately with a printed and mailed Notice of Transaction from the payer to the payee to confirm the transaction. These are all cost intensive responses and more than negate the cost advantages of electronic transactions.
WHITE HATS AND BLACK HATS FIT THE SAME HEAD: CYBER-CONS
The same people who write data encryption software – white hats – are sometimes the one’s hacking into it – black hats. These are Cyber-Cons. They work among us, gain our confidence, and appear to be legitimate. The truth is, they’re swindlers. Cheats. Defrauders. All are working for lawful organizations alongside honest, dedicated associates. Never forget that we live in an economically determined world. The rewards to cheat are great, too great for some to ignore. How can you combat this phenomenon when the good and bad guy is oftentimes the same guy? To make matters worse, organized and state-sponsored Cyber-Cons are proliferating the planet at record rates.
AND IT GETS PERSONAL…
When I consider how much of my personal financial information is embedded in apps and regularly used in eCommerce over my smart phone, tablet and laptop, I’m not comfortable.
On a recent trip to NYC, my wife’s chip-enabled credit card was subject to “digital pick-pocketing” by a criminal equipped with an RFID scanner. One can purchase such a device on amazon for less than $100 and it has the ability to read chip-encoded data on a credit card from a distance of 25 feet. The attack was non-invasive. My wife never knew she had been hacked until it was too late and a series of unauthorized purchases had been charged to her card.
Cyber criminals are eating away at the house that digits built. Like termites. At some time certain, the house will fall and all of us will suffer. Confirming statistics are everywhere. The intensity and enormity of attacks today and the breaches of highly secured, sophisticated data repositories signal the inevitable. Whether it’s a global corporate enterprise or a housewife in Peoria, we’re all targets.
What can you do?
In our business, we use 3rd party, IT data security consultants to constantly test and attempt to penetrate our digital systems, externally and internally, and they regularly advise us on how best to protect the data we manage. It’s a 7/24, 365 commitment. And it’s expensive. [On a personal level, I’d advise those who have chip-enabled credit cards to go to amazon and buy a wallet-sized RFID Blocking Device to protect your credit cards from digital pick-pockets. A simple, inexpensive fix.]
DIGITS AND PAPER: D/R COMPATIBLE
I expect a resurgence in the use of non-digital transaction items. We live in a world that bears watching. In our business, we develop and support in-house workflow solutions that create, process and deliver documents. On any given day, we’re touching millions of documents and our users rely on both electronic and paper delivery channels depending on individual customers’ demands. The same services are offered via our outsource business. Most of our users are banks and the information being processed is of a non-public, private nature. We view paper and digital delivery channels as essential, and complementary in some instances. In a D/R mode, we default to paper since everyone has a physical address, but not all can be accessed electronically.
In the meantime, be mindful of the risks of electronic transactions. Be vigilant and put forth your best efforts to protect your personal and your company’s data.
About the Author
Mr. Herget is Co-Founder of Trinamic, an Arkansas Corporation. He serves as Trinamic’s Director of Marketing which includes its software division, AutoMail®, LLC, the developer of AutoMail®, the pioneering software solution, now featured in the Smithsonian’s contemporary display of modern business solutions, that changed forever the way community banks process their mail. It also includes Document Outsource Center, LLC, an outsource services provider that composes and delivers documents via electronic and paper channels. DOC operates entirely on AutoMail®, LLC, developed solutions. Trinamic’s family of propriety solutions are expertly engineered to help transaction businesses simplify their workflows and save money.